I think he means why other five, presumably legitimate, companies have his email address when he never signed-up for them.
My guess is it may be someone like Facebook who used to share "your friends' data" with third-party companies. So one of your friends, who may have your email, allowed a third-party company to get that list of his contacts (including your email) via the Facebook API (which at the time may have allowed this sort of sharing).
Even today, a ton of Android, and until more recently iOS, apps would collect your contact list, which means YOU shared your friends' phone numbers with some random app company. I imagine many of those friends would be pissed off at you for allowing their phone numbers to fall into the wrong hands, too, and now getting spammed all the time (if only they knew how the spam companies got their phone numbers to begin with).
And the only option left is to hunt the breach asking them one by one who's responsible.
Use standard requests and beware of panicked personnel, especially if you bypass executives.
Or the info may have been transfered to third party for "legitimate" reasons, and then "stolen" by an employer of said third party. From the second-hand stories I heard personally, this is a common practice with call centres subcontracted by Polish telcos.
Still, it doesn't matter. Whether the company sold the data or got it taken from them, they are still at fault.
The company might not have sold your info. They might have been hacked. There really isn't any way to know for sure FWICT.